[Frugalware-security] [ FSA-381 ] lighttpd
vmiklos
noreply at frugalware.org
Sun Mar 9 00:31:51 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frugalware Security Advisory FSA-381
Date: 2008-03-09
Package: lighttpd
Vulnerable versions: <= 1.4.18-1
Unaffected versions: >= 1.4.18-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2804
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983
Description
===========
A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to a calculation error when allocating the global file descriptor array and can be exploited to crash an affected server.
Updated Packages
================
Check if you have lighttpd installed:
# pacman-g2 -Q lighttpd
If found, then you should upgrade to the latest version:
# pacman-g2 -Sy lighttpd
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info
iD8DBQFH0yHnZ7NElSD1VhkRAieLAJ9XejrsN45J6tGwvZbGhVjhEtiGzACgky5c
jsXbStnNhIP+1YKDth1XjRY=
=6gVg
-----END PGP SIGNATURE-----
More information about the Frugalware-security
mailing list